[apparmor] [PATCH 07/10] From eef17d94fc6189d2303ef38e025f0ca6805adc18 Mon Sep 17 00:00:00 2001 From: John Johansen <john.johansen at canonical.com> Date: Sat, 3 Nov 2012 08:19:51 -0700 Subject: [PATCH 07/10] Remove dead code around pattern matching in rules

Mon Jul 22 05:32:50 UTC 2013

remove old dead code that used to fail compilation if regular expressions
where detected in the rules and the apparmor kernel module did not support
regular expression matching.

Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 parser/parser.h        |  2 +-
 parser/parser_policy.c | 50 --------------------------------------------------
 2 files changed, 1 insertion(+), 51 deletions(-)

diff --git a/parser/parser.h b/parser/parser.h
index 733e629..3642833 100644
--- a/parser/parser.h
+++ b/parser/parser.h
@@ -399,7 +399,7 @@ extern void free_policy(struct codomain *cod);
 extern void dump_policy(void);
 extern void dump_policy_hats(struct codomain *cod);
 extern void dump_policy_names(void);
-extern int die_if_any_regex(void);
+
 void free_policies(void);
 
 #ifdef UNIT_TEST
diff --git a/parser/parser_policy.c b/parser/parser_policy.c
index 3536d21..f147be7 100644
--- a/parser/parser_policy.c
+++ b/parser/parser_policy.c
@@ -271,56 +271,6 @@ int merge_hat_rules(struct codomain *cod)
 	return 0;
 }
 
-int die_if_any_regex(void);
-static int die_if_any_hat_regex(struct codomain *cod);
-static int any_regex_entries(struct cod_entry *entry_list);
-
-/* only call if regex is not allowed */
-static void __any_regex(const void *nodep, const VISIT value,
-		        const int __unused depth)
-{
-	struct codomain **t = (struct codomain **) nodep;
-
-	if (value == preorder || value == endorder)
-		return;
-
-	if (any_regex_entries((*t)->entries)) {
-		PERROR(_("ERROR profile %s contains policy elements not usable with this kernel:\n"
-			 "\t'*', '?', character ranges, and alternations are not allowed.\n"
-			 "\t'**' may only be used at the end of a rule.\n"),
-			(*t)->name);
-		exit(1);
-	}
-
-	die_if_any_hat_regex(*t);
-}
-
-/* only call if regex is not allowed */
-int die_if_any_regex(void)
-{
-	twalk(policy_list, __any_regex);
-	return 0;
-}
-
-/* only call if regex is not allowed */
-static int die_if_any_hat_regex(struct codomain *cod)
-{
-	twalk(cod->hat_table, __any_regex);
-	return 0;
-}
-
-static int any_regex_entries(struct cod_entry *entry_list)
-{
-	struct cod_entry *entry;
-
-	list_for_each(entry_list, entry) {
-		if (entry->pattern_type == ePatternRegex)
-			return TRUE;
-	}
-
-	return FALSE;
-}
-
 static void __process_regex(const void *nodep, const VISIT value,
 			    const int __unused depth)
 {
-- 
1.8.1.2


